<?php
    session_start();
    if (isset($_POST['username'])){
        $username = $_POST['username']; 
        if ($username == '') {
            unset($username);
            echo "<meta http-equiv='Refresh' content='0; URL=index.php'>";  
        } 
    } else {
        echo ("Not set username!");
    }
    if (isset($_POST['password'])){
        $password = $_POST['password']; 
        if ($password == '') {
            unset($password);
            echo "<meta http-equiv='Refresh' content='0; URL=index.php'>";  
        } 
    } else {
        echo ("Not set password!");
    }
    $username = stripslashes($username);
    $username = htmlspecialchars($username);
    $password = stripslashes($password);
    $password = htmlspecialchars($password);
    $username = trim($username);
    $password = trim($password);
    $password = md5($password);
    $connection = mysql_pconnect("localhost" , "root" , "31122001");
    mysql_select_db("kt_site");
    $result = mysql_query("SELECT * FROM users WHERE username = '".$username."' AND password = '".$password."';");
    $num_rows = mysql_num_rows($result);
    $user = mysql_fetch_array($result);

    if (empty($user['id'])){
        unset($_SESSION['username']);
        unset($_SESSION['id']);
    }
    else {
        $_SESSION['username'] = $username; 
        $_SESSION['id'] = $user['id'];
    }    
    echo "<meta http-equiv='Refresh' content='0; URL=index.php'>";
?>